Resources
Research
See all
11 April 2021
The short story about Clubhouse user scraping and social graphs
During this RedTeam testing, we used Clubhouse as a social engineering tool to find out more about our client's employees. UPDATE: While we were preparing this article for publication, cybernews.com reported: 1.3 million scraped user records leaked online for
...
Read more
16 March 2020
r00kie-kr00kie. Exploring the kr00k attack
We created and published a PoC exploit of the kr00k attack (CVE-2019-15126): https://github.com/hexway/r00kie-kr00kie All technical details can be found in the Process section. INTRODUCTION AND MOTIVATION In February 2020, ESET released the KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE
...
Read more
29 January 2020
Piercing the Shield. Breaking the FunctionShield cloud security library
We've found a vulnerability in FunctionShield, a cloud security library, that allows bypassing its tightest restrictions completely. All technical details can be found in the "Process" section. Cloud computing platforms are highly common these days. Fortunately, the times when
...
Read more
8 October 2019
Apple bleee. Everyone knows What Happens on Your iPhone
Users value their privacy, and Apple understands that. We even see related PR activities. "What happens on your iPhone, stays on your iPhone." Let's see if it's true. If Bluetooth is ON on your Apple device everyone nearby can
...
Read more
Updates
See all
15 September 2023
0.58.1. Right-to-Left text support, DOCX bookmarks, automated project creation
As we step into September, we are thrilled to bring you some new features that are set to simplify your project management and report customization experience even further. Here’s a quick rundown of what’s new: Automated Project Creation from Apiary
...
Read more
22 August 2023
August 0.57. Project templates, password policy, HashiCorp support
It’s update time! Let’s now dive into Hexway Hive & Apiary latest release, packed with features that elevate your workflow and redefine efficiency. Here's a quick snapshot of what's in store: Customizable Project templates Password policy HashiCorp Vault support Fast
...
Read more
20 June 2023
June 0.55. GPT integration, MacOS support & Apiary localization
We're excited to announce the June 0.55 update, packed with new features designed to make your experience more efficient and enjoyable. From AI-assisted writing to interface localization, this update brings many improvements that will totally transform how you work. Let's
...
Read more
17 May 2023
May 0.54. CVSS calculator & amazing improvements
We surely couldn't leave you without a new release this month, so we're thrilled to announce our latest release! It's packed with features that will make your work easier, more efficient, and, dare we say, a bit more fun! We've
...
Read more
20 April 2023
April 0.53. Read-only Apiary rights, project search & Jira comments
Get ready for a new experience with our latest product update for Hexway Apiary! We are thrilled to announce a set of new features and enhancements that will take your collaborations to the next level. With a strong focus on
...
Read more
21 March 2023
March 0.51.2 version. Apiary project groups, CSV issue export & advanced Hive filters.
It seems like the spring equinox isn’t just bringing you day & night length equality but also a pack of new and long-awaited & some customer request Hexway Hive & Apiary features. What’s in this update then? Apiary project groups
...
Read more
3 February 2023
February 0.49.3 version. Cross-project dashboard, email notifications, new integration & a lot more
It’s time to download new versions of Hive & Apiary because 0.49.3 has many feature gems for a better experience and amazing pentests. Let’s head to the main part… What’s in this update? Cross-project Apiary dashboard Apiary email notifications Qualys
...
Read more
29 December 2022
December Hexway 0.48.1 version. SLA, Acunetix & logo replace.
First of all, we want to thank everyone for keeping an eye on updates! Especially pre-New Year ones. Let’s head down to the main part. What’s in this update? Acunetix integration SLA Your logo in Apiary Important fixes & minor
...
Read more
30 November 2022
November 0.47.2 version. Duplicated issue merging & updated project feed.
Good news, pentest fellows. It’s time to update your Hive to make pentests even better. This release is important as it has a lot of fixes for better usability and... Duplicated issue merging! And an updated project feed! Attention! This
...
Read more
31 October 2022
Spooky 0.46 version. Hive LDAP, checklist summary & new parsers!
Well, Halloween’s coming, so we have prepared a few awesome feature treats for you. No tricks included! How about taking a look at what this update has in a pocket? LDAP Hive support New integrations (Burp, Zap, OpenVAS) Checklist summary
...
Read more
12 September 2022
September 2022. 0.44 version. Jira reverse sync & mass issue actions
Hey everyone! We are here to announce that this summer is officially over! But there’s no reason to be sad because we’ve brought our latest update with a bunch of awesome features and bug fixes to speed up your security
...
Read more
25 July 2022
July 2022. 0.43 version. Custom issue statuses & status sync.
July was pretty intense for us as Hexway was getting ready to present a new pack of awesome features. It’s no joke, the stakes are high! So, meet this month’s winners: Custom issue statuses Status sync between Hive & Apiary
...
Read more
15 June 2022
June 2022 Hive & Apiary update. 0.41 version. PPTX reporting & Vulnerability linking
Wow... New Apiary & Hive. Meet version 0.41! It’s time to shed light on our latest updates and features that will make you happy! What’s in this amazing update? PPTX reports! Present results like a real pro with visualized and
...
Read more
26 April 2022
April 2022 Hive & Apiary 0.39 version. Multi-Factor Authentication and Checklist Cards
Hello, Hexway users! Today we have released a pack of features you may want to start using already today. This release mostly affects Apiary features — our Blue Team workspace for a systematized work with pentest findings on the client’s
...
Read more
31 March 2022
Hexway Hive 0.37.1 version. Checklists and methodologies sync with Apiary
Let’s say there is a typical pentest report. Basically, it’s just a PDF file with all found vulnerabilities. Normally, this would be enough. But if pentest company wants clients to be loyal and returning, they may want to think of
...
Read more
3 March 2022
Hive 0.36 version. New report generator & custom issues
Introduction First of all, we want to share this fantastic news with you… We have added what you wanted for so long! It’s an updated (super cool) report generator and (also super cool) customizable issues! *Yay* So, it’s time for
...
Read more
9 February 2022
Hive 0.35 version. Renovated checklists
It’s time for the first big release of 2022. Check out what’s inside! Checklists It is one of the first features we have implemented in Hexway Hive. So, a few months later we are ready to update them. They are
...
Read more
22 December 2021
Hive 0.33.1 version. Log4J & issue statuses
A vulnerability was found aaaand fixed, don't worry! What's in this update? Log4j vulnerability fix Draft & Ready issue statuses Bugfix we hope will make your life better! Log4j vulnerability fix You've definitely heard about this whole Log4j vulnerability situation.
...
Read more
15 November 2021
Hive 0.30.1 version. Nuclei & Amass integrations
Hey, hexwayers! We are happy to have all of you here. So, let's take a short tour around our new update. We’ve added Nuclei and Amass scanners integration. Yay! What’s in this update? Nuclei scanner export Amass scanner export Interface
...
Read more
22 September 2021
Hive 0.27 version. Labor dashboard & notifications
Hey Hexwayers & our guests! A new day brings you a new release. What’s in it for you today? Cross-project pentesters labor dashboard Notification system update Utility name import via API Bugfix & other small upgrades Let’s have a closer
...
Read more
10 August 2021
Hive 0.26.1 version. Scope diff, issues templates and advanced filters
It’s Hive team on the line. We are happy to announce our new updates: Scope diff Issues templates import/export Advanced project filters by date Bugfix Scope diff Hive is a useful tool
...
Read more
29 June 2021
Hive 0.23 version. Advanced import, project dashboard, credential store and more!
We listen to your feedback (BTW, here is our Discord) and are trying to implement new features as fast as possible. Meet new Hive features: Advanced import settings Project Dashboard Main View Pagination Credential store Small bug fixes Advanced import
...
Read more
16 June 2021
Hive API. The easiest way to integrate your tool with Hexway Hive
Hi there! Currently, Hexway Hive supports integration with the following utility tools: Nmap/Masscan Metasploit Cobalt Strike Nessus However, there are much more tools we want our solution to be integratable with. That said, many teams use proprietary tools, and we're
...
Read more
31 May 2021
Hive 0.20.1 version. New parser engine and Metasploit & Cobalt Strike integration
New parser engine We have completely redesigned the operation principles of our parsing system and have changed data visualization in the interface! Now, when you click on a hostname, IP, or port, the Import tab is available on the right
...
Read more
21 April 2021
Hexway Hive 0.13.1 version. Nessus integration
We can’t wait to share an important Hive update with you! Now you can import scan results from Nessus directly. This improvement should facilitate the discovery stage of the pentesting process covered by Hive. Much has been done to make
...
Read more
12 March 2021
Hexway Hive online demo version is out!
We understand that sometimes to test a new product you need sufficient time for preparation and installation. That’s why we’ve decided to publish this Hive online demo. This version should make it easier to work with our pentest collaborative tool
...
Read more
Blog
See all
27 September 2023
Pentesting Trends in 2023
Let’s take a look at major trends that have stirred up discussions on how pentests are performed and what looks promising in pentesting. The Major Trends AI and Pentesting Artificial intelligence has taken every industry this year. We are sure
...
Read more
16 September 2023
Generative AI in Penetration Testing
Large Language Models and Generative AI, notably ChatGPT, have revolutionized numerous sectors, including the security industry. These advancements have significantly altered both offensive and defensive security strategies, making AI a valuable ally in pentest engagements by simplifying monotonous tasks and
...
Read more
15 September 2023
0.58.1. Right-to-Left text support, DOCX bookmarks, automated project creation
As we step into September, we are thrilled to bring you some new features that are set to simplify your project management and report customization experience even further. Here’s a quick rundown of what’s new: Automated Project Creation from Apiary
...
Read more
30 August 2023
Top 7 DevSecOps Security Tools
Let's take a look at the best DevSecOps tools and utilities that can help in the efficient implementation of your DevSecOps model. The hot topic in the product industry is DevSecOps, a junction of development, security, and operations where each
...
Read more
22 August 2023
August 0.57. Project templates, password policy, HashiCorp support
It’s update time! Let’s now dive into Hexway Hive & Apiary latest release, packed with features that elevate your workflow and redefine efficiency. Here's a quick snapshot of what's in store: Customizable Project templates Password policy HashiCorp Vault support Fast
...
Read more
31 July 2023
The first steps toward SSDLC. Integrating semgrep with GitLab-CI
Hello! It’s Hexway team. We continue our DevSecOps series and decided to share with you simple steps toward implementing secure development into your current SDLC. We recently talked about security as a necessary and one of the key elements in
...
Read more
13 July 2023
Why modern pentest reports still don’t make much sense?
How evolving pentest methods haven’t resulted in better reporting in 2023 yet, and why is there a need for actionable pentest data? The way pentests are carried out must change with the fast-changing threat landscape. New innovations in how to
...
Read more
20 June 2023
June 0.55. GPT integration, MacOS support & Apiary localization
We're excited to announce the June 0.55 update, packed with new features designed to make your experience more efficient and enjoyable. From AI-assisted writing to interface localization, this update brings many improvements that will totally transform how you work. Let's
...
Read more
10 June 2023
CYBERSECURITY NEWS MAY V. T-Mobile breach, Twitter Circle posts, the new Akira ransomware & more
We continue to share our monthly cybersecurity incident digest highlighting the most noticeable security incidents of the month. In this May edition, we’ll look into security breaches hitting T-Mobile, Twitter Circle posts that are getting available to a wide audience,
...
Read more
6 June 2023
S for Security. From SDLC to SSDLC, DevSecOps, and CI/CD/CS
In today's technology landscape, disruptive products continually redefine our lives. At the heart of this transformation lies the Software Development Life Cycle (SDLC), which delivers results across industries. However, the traditional SDLC has evolved significantly to incorporate security at its
...
Read more
17 May 2023
May 0.54. CVSS calculator & amazing improvements
We surely couldn't leave you without a new release this month, so we're thrilled to announce our latest release! It's packed with features that will make your work easier, more efficient, and, dare we say, a bit more fun! We've
...
Read more
9 May 2023
CYBERSECURITY NEWS APRIL V. — 3CX Trojan, AvidXchange attack, KFC leak, IP scam & Bluefield University attack.
A SolarWind-style Attack with a Twist In the ever-evolving landscape of cybersecurity, recent events have raised alarm bells across the industry, particularly regarding supply chain attacks. One such incident that sent shockwaves through the community involved a Trojan version of
...
Read more
Use cases
See all
28 June 2022
How does Hive save up to 6 hours on each pentest project?
Hexway Hive is an intelligent Red Team workspace made by pentesters for other red teamers to keep some time on the most interesting security things instead of spending time on routine parts. “A very nice work, very responsive interface even
...
Read more
Whitepapers
16 December 2021
Why traditional pentesting approach
Download in pdf
Try Hive now
online demo
Copyright © 2023 Hexway.
All rights reserved
Workspaces
PTaaS platform
ASOC platform
Roadmap
Explore
Pricing
Downloads
Docs
Branded reports
Why PTaaS
Resources
Blog
Research
Privacy policy
Stay up to date
Greate!
Check your mail